API tools faq
paste
Advertisement
Guest User

/export hide-sensitive compact

a guest
Jan 14th, 2021
370
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 5.01 KB | None | 0 0
raw download clone embed print report
  1. /interface bridge
  2. add admin-mac=08:55:31:01:C4:BC auto-mac=no comment=defconf name=bridge
  3. /interface vlan
  4. add interface=ether4 name=ELAN vlan-id=2
  5. add interface=ether4 name=INFRA vlan-id=1000
  6. add interface=ether4 name=IOT vlan-id=3
  7. add interface=ether4 name=WIFI vlan-id=4
  8. /interface list
  9. add comment=defconf name=WAN
  10. add comment="VLAN list for easy access" name=VLANs
  11. add comment=defconf include=VLANs name=LAN
  12. /interface wireless security-profiles
  13. set [ find default=yes ] supplicant-identity=MikroTik
  14. /ip hotspot profile
  15. set [ find default=yes ] html-directory=flash/hotspot
  16. /ip pool
  17. add name=dhcp ranges=192.168.1.100-192.168.1.199
  18. add name=dhcp_pool1 ranges=192.168.2.100-192.168.2.254
  19. add name=dhcp_pool2 ranges=192.168.3.100-192.168.3.254
  20. add name=dhcp_pool3 ranges=192.168.2.100-192.168.2.254
  21. add name=dhcp_pool4 ranges=192.168.3.100-192.168.3.254
  22. add name=dhcp_pool5 ranges=192.168.4.50-192.168.4.254
  23. /ip dhcp-server
  24. add address-pool=dhcp disabled=no interface=bridge name=defconf
  25. add address-pool=dhcp_pool3 disabled=no interface=ELAN name=dhcp_elan
  26. add address-pool=dhcp_pool4 disabled=no interface=IOT name=dhcp_iot
  27. add address-pool=dhcp_pool5 disabled=no interface=WIFI name=dhcp_wifi
  28. /interface bridge port
  29. add bridge=bridge comment=defconf interface=ether2
  30. add bridge=bridge comment=defconf interface=ether3
  31. add bridge=bridge comment=defconf disabled=yes interface=ether4
  32. add bridge=bridge comment=defconf interface=ether5
  33. add bridge=bridge comment=defconf interface=sfp1
  34. /ip neighbor discovery-settings
  35. set discover-interface-list=LAN
  36. /interface list member
  37. add comment=defconf interface=bridge list=LAN
  38. add comment=defconf interface=ether1 list=WAN
  39. add interface=ELAN list=VLANs
  40. add interface=INFRA list=VLANs
  41. add interface=IOT list=VLANs
  42. add comment=VLANs interface=WIFI list=VLANs
  43. /ip address
  44. add address=192.168.1.1/24 comment=defconf interface=bridge network=192.168.1.0
  45. add address=192.168.2.1/24 comment=ELAN interface=ELAN network=192.168.2.0
  46. add address=192.168.3.1/24 comment=IOT interface=IOT network=192.168.3.0
  47. add address=192.168.4.1/24 comment=WIFI interface=WIFI network=192.168.4.0
  48. add address=192.168.200.1/24 comment=INFRA interface=INFRA network=192.168.200.0
  49. /ip dhcp-client
  50. add comment=defconf disabled=no interface=ether1
  51. /ip dhcp-server network
  52. add address=192.168.1.0/24 comment=defconf dns-server=192.168.1.1 domain=localdomain gateway=192.168.1.1 netmask=24
  53. add address=192.168.2.0/24 comment=ELAN dns-server=192.168.2.1 gateway=192.168.2.1
  54. add address=192.168.3.0/24 comment=IOT dns-server=192.168.3.1 gateway=192.168.3.1
  55. add address=192.168.4.0/24 comment=WIFI dns-server=192.168.4.1 domain=localdomain gateway=192.168.4.1 netmask=24
  56. /ip dns
  57. set allow-remote-requests=yes servers=8.8.8.8,1.1.1.1
  58. /ip dns static
  59. add address=192.168.1.1 comment=defconf name=router.localdomain type=A
  60. add address=192.168.1.10 comment="main server" name=rotom.localdomain type=A
  61. add address=192.168.1.25 comment="Minecraft server" name=deoxys.localdomain type=A
  62. add address=192.168.1.24 comment="Git server" name=latios.localdomain type=A
  63. add address=192.168.1.200 comment="Main NAS - FreeNAS" name=freenas.localdomain type=A
  64. add address=192.168.1.11 comment=Photon name=photon.localdomain type=A
  65. /ip firewall filter
  66. add action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=established,related,untracked
  67. add action=drop chain=input comment="defconf: drop invalid" connection-state=invalid
  68. add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
  69. add action=accept chain=input comment="defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
  70. add action=drop chain=input comment="defconf: drop all not coming from LAN" in-interface-list=!LAN
  71. add action=accept chain=forward comment="defconf: accept in ipsec policy" ipsec-policy=in,ipsec
  72. add action=accept chain=forward comment="defconf: accept out ipsec policy" ipsec-policy=out,ipsec
  73. add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related
  74. add action=accept chain=forward comment="defconf: accept established,related, untracked" connection-state=established,related,untracked
  75. add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
  76. add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface-list=WAN
  77. /ip firewall nat
  78. add action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=out,none out-interface-list=WAN
  79. add action=dst-nat chain=dstnat comment="Web Server" dst-port=443 in-interface=ether1 protocol=tcp to-addresses=192.168.1.30 to-ports=443
  80. /system clock
  81. set time-zone-name=America/Los_Angeles
  82. /system identity
  83. set name=Router
  84. /system script
  85. add dont-require-permissions=no name=DHCPtoDNS owner=admin policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=""
  86. /tool mac-server
  87. set allowed-interface-list=LAN
  88. /tool mac-server mac-winbox
  89. set allowed-interface-list=LAN
  90.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!